Writing Desk

Blog

Configuring Email


Old-fashioned typewriter

Email has been around so long we often take it for granted.  Many small businesses are so focused on getting their websites designed and launched that they don't give thought to their company or website email.  They assume that the contact form on their website will "just work" and that an email address for their business is all they need.  But in today's world of overwhelming spam most email services have been forced to get smarter and stricter about email.  Technology over the last few years when it comes to email and spam detection has moved forward rapidly and most small business owners are completely unaware that setting up email properly requires a little more than it once did.  Here are some tips for small businesses for setting up email.

Tip #1:  Set a SPF record

An SPF (Sender Policy Framework) record is a type of DNS record.  If you're unfamiliar with what DNS records are here's the non-tech definition :  DNS records tell the internet where your website and it's services (like email) reside.  An SPF record specifies which mail servers are permitted to send email on behalf of your domain.  Without an SPF record any mail server can send email on behalf of your domain - even ones that aren't really you.  An SPF record helps prevent spammers from forging your From address and impersonating your domain.  In some cases messages without an SPF record may be outright rejected by the recipients email server since they can't validate the source.  So not have an SPF record in place could result in two things - (1) a spammer impersonating you or (2) your emails getting dropped altogether.  Your mail service(s) can provide you the appropriate SPF record of what servers to include.  Only 1 SPF record should exist but it can permit multiple mail servers.

Tip #2: Set a DKIM record

A DKIM record is another type of DNS record. It also helps prevent spoofing of your email addresses by adding a digital signature to message headers.  Most reputable email services provide a DKIM key for configuring your DNS record.  DKIM keys are specific to mail servers so each mail server that can send on your domain's behalf will have it's own DKIM record.

Tip #3: Setup DMARC

DMARC can only be setup after SPF and DKIM are in place.  DMARC is yet another DNS record but is more about policy - it tells the webserver what to do if email fails the SPF and DKIM checks.  DMARC is aimed at helping to reduce phishing and spam.  Since DMARC is policy based messages that fail authentication can be ignored, reported, quarantined, or rejected.  Ultimately your DMARC record should reject failed authentication but getting to that point is a process - move too quickly and you risk blocking valid emails.

Tip #4: Use a transactional email service for your website

If you're using a CMS (such as Expression Engine) configuring email can be tricky with SPF and DKIM.  Not every web host supports DKIM.  For that reason I often recommend using a transactional email service such as Mandrill or Mailgun to handle email.  They provide clear SPF and DKIM records for their servers.  By routing your website email through them you gain easy configuration of your website, SPF/DKIM support, and the added benefit of a transaction history.  If emails are failing or getting block you'll have a record of that to help run down the problem.

If you're unsure if your DNS records contain a SPF, DKIM, or DMARC record then try an online tool such as https://toolbox.googleapps.com/apps/checkmx/ to check your DNS email related records.  Tools like this point out any potential issues with your DNS email records.  Adjusting DNS records can cause email disruption if not done properly so if you make any changes be sure you know what you are doing.